Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add description about custom profile #48154

Merged
merged 5 commits into from
Nov 17, 2024
+72 −2
Merged

Add description about custom profile #48154

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
c7348db
Add custom profile
mochizuki875 Oct 1, 2024
22c400b
fix1
mochizuki875 Oct 7, 2024
636ae0f
fix2
mochizuki875 Oct 8, 2024
16112b8
fix3
mochizuki875 Oct 8, 2024
09df98e
fix4
mochizuki875 Oct 9, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
57 changes: 57 additions & 0 deletions content/en/docs/tasks/debug/debug-application/debug-running-pod.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -718,3 +718,60 @@ Clean up the Pod when you're finished with it:
```shell
kubectl delete pod myapp
```

### Custom Profile {#custom-profile}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
### Custom Profile {#custom-profile}
## Custom profiles for ephemeral containers {#custom-profile}

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as Debugging Profiles above, custom profile can be applied not only to an ephemeral containers, but also to a copied Pods or a debugging pods to debug nodes.
Although the following case uses an ephemeral container as an example, I think the title should remain more general, as it is now.
(While other examples can be provided, it would be redundant)

Furthermore, I think custom profile is an extension of debugging profile.
So it would be better for the Custom Profile section under Debugging Profiles to be at level ### instead of ##, or to add a new comprehensive section that consolidates the Debug Profile and Custom Profile.


{{< feature-state for_k8s_version="v1.31" state="beta" >}}

You can define partial container spec as a custom profile in either YAML or JSON format, and apply it using the `--custom` flag.
mochizuki875 marked this conversation as resolved.
Show resolved Hide resolved

{{< note >}}
- Custom profile only supports the modification of the debug container spec. It does not support the modification of the Pod spec of the debug target.
- Modifications via custom profile is not allowed for certain fields such as command, image, lifecycle, volume devices and container name. In the future, more fields can be added to the disallowed list if required.
mochizuki875 marked this conversation as resolved.
Show resolved Hide resolved
{{< /note >}}


First, create a Pod named myapp as an example:

```shell
kubectl run myapp --image=busybox:1.28 --restart=Never -- sleep 1d
```

Create a custom profile in a YAML file named `custom-profile.yaml`:

{{% code_sample file="debug/custom-profile.yaml" %}}
tengqm marked this conversation as resolved.
Show resolved Hide resolved

You can also use JSON format for the custom profile:

{{% code_sample file="debug/custom-profile.json" %}}
mochizuki875 marked this conversation as resolved.
Show resolved Hide resolved


Then, debug the Pod using an ephemeral container with the custom profile:
mochizuki875 marked this conversation as resolved.
Show resolved Hide resolved

```shell
kubectl debug -it myapp --image=busybox:1.28 --target=myapp --custom=custom-profile.yaml
mochizuki875 marked this conversation as resolved.
Show resolved Hide resolved
```

You can check that the ephemeral container was created with the custom profile applied:

```shell
kubectl get po myapp -o jsonpath='{.spec.ephemeralContainers[0].env}'
mochizuki875 marked this conversation as resolved.
Show resolved Hide resolved
```

```
[{"name":"ENV_VAR_1","value":"value_1"},{"name":"ENV_VAR_2","value":"value_2"}]
```

```shell
kubectl get po myapp -o jsonpath='{.spec.ephemeralContainers[0].securityContext}'
mochizuki875 marked this conversation as resolved.
Show resolved Hide resolved
```

```
{"capabilities":{"add":["NET_ADMIN","SYS_TIME"]}}
```

Clean up the Pod when you're finished with it:

```shell
kubectl delete pod myapp
```
20 changes: 20 additions & 0 deletions content/en/examples/debug/custom-profile.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
{
"env": [
{
"name": "ENV_VAR_1",
"value": "value_1"
},
{
"name": "ENV_VAR_2",
"value": "value_2"
}
],
"securityContext": {
"capabilities": {
"add": [
"NET_ADMIN",
"SYS_TIME"
]
}
}
}
10 changes: 10 additions & 0 deletions content/en/examples/debug/custom-profile.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
env:
- name: ENV_VAR_1
value: value_1
- name: ENV_VAR_2
value: value_2
securityContext:
capabilities:
add:
- NET_ADMIN
- SYS_TIME